Skip to content

Enforce issuer adjustment issuer reference#241

Closed
HardlyDifficult wants to merge 3 commits into
codex/ocf-stock-plan-class-reference-integrityfrom
codex/ocf-issuer-adjustment-reference-integrity
Closed

Enforce issuer adjustment issuer reference#241
HardlyDifficult wants to merge 3 commits into
codex/ocf-stock-plan-class-reference-integrityfrom
codex/ocf-issuer-adjustment-reference-integrity

Conversation

@HardlyDifficult

@HardlyDifficult HardlyDifficult commented Jul 8, 2026

Copy link
Copy Markdown
Collaborator

Summary

Stacked on #240.

This adds contract-level validation that IssuerAuthorizedSharesAdjustment.issuer_id matches the cap table's actual Issuer.id:

  • generated create/edit handlers now receive the issuer contract ID;
  • IssuerAuthorizedSharesAdjustment create/edit fetches the issuer and rejects mismatched issuer_id values;
  • issuer edits already cannot change issuer ID, so batches with issuer edits remain consistent.

OCF documentation

Tests

  • Added create-time rejection for an issuer authorized shares adjustment with a different issuer_id.
  • Added edit-time rejection for changing an existing issuer authorized shares adjustment to a different issuer_id.

Validation

  • NODE_PATH=/Users/fairnick/Documents/code/fairmint/open-captable-protocol-daml/node_modules PATH="/Users/fairnick/Documents/code/fairmint/open-captable-protocol-daml/node_modules/.bin:$HOME/.dpm/bin:$PATH" npm run build
  • From Test/: JAVA_HOME=/opt/homebrew/opt/openjdk@17 PATH="/opt/homebrew/opt/openjdk@17/bin:$HOME/.dpm/bin:$PATH" dpm test --show-coverage --color --coverage-ignore-choice 'splice-amulet:.*'

Note

Medium Risk
Tightens cap-table integrity for issuer-scoped transactions; behavior change rejects previously accepted bad issuer_id data, with limited blast radius to IssuerAuthorizedSharesAdjustment create/edit paths.

Overview
Issuer authorized shares adjustments must now reference the cap table’s actual issuer: on create and edit, UpdateCapTable fetches the issuer contract and rejects issuer_id values that do not match Issuer.id.

Codegen wires this through by adding validateIssuerReference, passing the issuer ContractId into processCreate / processEdit, and calling validation for IssuerAuthorizedSharesAdjustment only. Creates run against newIssuerCid after any issuer edit in the same batch, so validation stays aligned with the post-edit issuer.

Tests add a shared fixture helper plus submitMustFail cases for mismatched issuer_id on create and edit. The packaged OpenCapTable-v34 DAR and dars.lock are updated to the rebuilt artifact.

Reviewed by Cursor Bugbot for commit 68b6b25. Bugbot is set up for automated code reviews on this repo. Configure here.

@coderabbitai

coderabbitai Bot commented Jul 8, 2026

Copy link
Copy Markdown

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 03b82711-b17f-48a2-9979-481a87ad3791

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/ocf-issuer-adjustment-reference-integrity

Comment @coderabbitai help to get the list of available commands.

@HardlyDifficult
HardlyDifficult marked this pull request as ready for review July 8, 2026 23:48
@HardlyDifficult
HardlyDifficult requested a review from Copilot July 8, 2026 23:48

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds cap-table mutation validation to ensure IssuerAuthorizedSharesAdjustment.issuer_id matches the cap table’s actual Issuer.issuer_data.id, preventing cross-issuer adjustments on both create and edit.

Changes:

  • Adds validateIssuerReference and threads issuerCid through generated create/edit handlers so reference checks can fetch the current Issuer contract.
  • Enforces issuer-id reference validation for IssuerAuthorizedSharesAdjustment on create and edit via codegen templates.
  • Extends DAML tests to cover create-time and edit-time rejection on mismatched issuer_id.

Reviewed changes

Copilot reviewed 6 out of 7 changed files in this pull request and generated no comments.

Show a summary per file
File Description
Test/daml/OpenCapTable/TestIssuerAuthorizedSharesAdjustment.daml Adds helper constructor + negative tests for mismatched issuer_id on create/edit.
scripts/codegen/templates/loops/edit-case.daml Adds generated edit-time issuer_id reference validation hook.
scripts/codegen/templates/loops/create-case.daml Adds generated create-time issuer_id reference validation hook.
scripts/codegen/templates/CapTable.daml.template Implements validateIssuerReference and passes issuerCid into create/edit processing.
scripts/codegen/generate-captable.ts Adds a type flag to enable issuer-id validation for IssuerAuthorizedSharesAdjustment.
dars/OpenCapTable-v34/0.0.2/OpenCapTable-v34.dar Updates built DAR artifact (Git LFS pointer).
dars/dars.lock Updates DAR hash/size metadata to match rebuilt artifact.

@HardlyDifficult

Copy link
Copy Markdown
Collaborator Author

Superseded by #251, which consolidates the reference-integrity work into one PR. Before closing this stack PR, I rechecked the live review comments and folded the actionable improvements into #251: StockPlan create-tier ordering, document related-object error messages, stock-class conversion source IDs, warrant conversion validation across all OcfAnyConversionRight variants, WarrantIssuance same-batch vesting-term edits, and immutable DAR backup versioning.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants